A recently uncovered Russian cyber campaign has been targeting Ukrainian entities with two new, previously undocumented malware families, BadPaw and MeowMeow, linked to the notorious APT28 group. The attack begins with a phishing email containing a link to a ZIP archive which, upon extraction, displays a decoy document in Ukrainian related to border crossing appeals. This initial stage is designed to deceive victims into executing the malicious payload. The deployment of the BadPaw loader and the MeowMeow backdoor suggests a high level of sophistication, allowing attackers to gain persistent access to compromised systems. The involvement of APT28, a state-aligned threat actor, signifies a geopolitical motivation behind the campaign [1]. This shift in threat model necessitates a distinct approach to mitigation and response, as the tactics and objectives differ significantly from those of financially motivated cybercrime groups. The use of such advanced malware families in targeted attacks underscores the importance of enhanced security measures to counter state-sponsored threats.